package com.cby.user.interceptor;

import com.alibaba.fastjson.JSON;
import com.cby.other.R;
import com.cby.user.entity.CbyUser;
import com.cby.user.mapper.CbyIdentityMapper;
import com.cby.user.mapper.CbyUserMapper;
import com.cby.user.threadLocal.UserThreadLocal;
import com.cby.user.util.HttpUtil;
import com.cby.user.util.JwtUtil;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Repository;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;

@Component
@Repository
public class CheckLoginInterceptor implements HandlerInterceptor {

    @Autowired
    private CbyUserMapper userMapper;
    @Autowired
    private CbyIdentityMapper identityMapper;
    @Autowired
    RedisTemplate<String, String> redisTemplate;

    // 在执行controller方法之前进行执行
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        System.out.println(handler);
        //1. 判断是否是controller方法，如果不是，直接放行
        if (!(handler instanceof HandlerMethod)) {
            System.out.println('1');
            return true;
        }
        // 判断token是否为空
        String token = request.getHeader("Authorization");
        System.out.println("token = "+token);
        if (StringUtils.isBlank(token)) { // 注意是lang3包下的StringUtils
            HttpUtil.responseJSON(response, R.error("您还未登录,或者认证已经失效!"));
            System.out.println(2);
            return false;
        }
        // 判断token是否解析成功
        Map<String, Object> stringObjectMap = JwtUtil.checkToken(token);
        if (stringObjectMap == null) {
            HttpUtil.responseJSON(response, R.error("您还未登录,或者认证已经失效!"));
            System.out.println(3);
            return false;
        }
        // 判断redis中是否存在token
        String userJson = redisTemplate.opsForValue().get("userToken" + token);
        if (StringUtils.isBlank(userJson)) {
            HttpUtil.responseJSON(response, R.error("您还未登录,或者认证已经失效!"));
            System.out.println(4);
            return false;
        }
        // 走到这 说明用户存在
        CbyUser user = JSON.parseObject(userJson, CbyUser.class);
        // 判断用户是否是管理员
        if(!identityMapper.selectById(user.getIdentityId()).equals("管理员")){
            HttpUtil.responseJSON(response, R.error("非管理员用户，暂无权限!"));
            System.out.println(5);
            return false;
        }
        // 通关
        UserThreadLocal.put(user); // 将user信息放入本地线程
        System.out.println("6");
        return true;
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
        // 如果用完不删除ThreadLocal本地线程中的信息，会有内存泄露的风险
        UserThreadLocal.remove();
    }

}